mirror of
https://github.com/OpenXE-org/OpenXE.git
synced 2024-12-25 06:00:28 +01:00
#12 Logfile::addLogFile() does not escape the given parameters
This commit is contained in:
parent
2eabd85b91
commit
9994f8c18d
@ -1,4 +1,4 @@
|
||||
<?php
|
||||
<?php
|
||||
/*
|
||||
**** COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE ****
|
||||
*
|
||||
@ -10,8 +10,8 @@
|
||||
* to obtain the text of the corresponding license version.
|
||||
*
|
||||
**** END OF COPYRIGHT & LICENSE NOTICE *** DO NOT REMOVE ****
|
||||
*/
|
||||
?>
|
||||
*/
|
||||
?>
|
||||
<?php
|
||||
class Logfile {
|
||||
/** @var Application $app */
|
||||
@ -256,6 +256,10 @@ class Logfile {
|
||||
if(is_array($meldung)) {
|
||||
$meldung = $this->app->DB->real_escape_string(print_r($meldung, true));
|
||||
}
|
||||
|
||||
// Quick fix
|
||||
$dump = $this->app->DB->real_escape_string(print_r($dump, true));
|
||||
|
||||
$this->app->DB->Insert(
|
||||
sprintf(
|
||||
"INSERT INTO logfile (module,action,meldung,dump,datum,bearbeiter,funktionsname)
|
||||
|
Loading…
Reference in New Issue
Block a user